Skip to main content
CVE-2012-0427 HIGH POC This Week

yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before 2008.11.26-0.9.1 and 2012.9.13 before 2012.9.13-0.8.1 allows local users to gain privileges via a crafted (1) file name or (2). Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Opensuse
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2012-6535 CRITICAL Act Now

DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Code Injection Denial Of Service RCE Djvulibre
NVD
CVSS 2.0
9.3
EPSS
5.4%
CVE-2012-0434 CRITICAL Act Now

The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Suse Cloud
NVD
CVSS 2.0
10.0
EPSS
0.2%
CVE-2012-0425 HIGH This Week

LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in SUSE YaST writes cleartext Wi-Fi credentials to the y2log log file, which allows context-dependent attackers to obtain sensitive. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Opensuse
NVD
CVSS 2.0
7.8
EPSS
0.3%
CVE-2013-6696 HIGH This Week

Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Adaptive Security Appliance Software Adaptive Security Appliance
NVD
CVSS 2.0
7.1
EPSS
0.8%
CVE-2012-0426 HIGH This Week

Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition SAP Suse Linux Enterprise For Sap Applications
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2012-0414 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Suse Manager
NVD
CVSS 2.0
4.3
EPSS
1.1%
CVE-2012-0420 MEDIUM This Month

zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before 1.6.166 allows local users to create files in arbitrary directories, or possibly have unspecified other impact, via a pathname in. Rated medium severity (CVSS 4.4). No vendor patch available.

Information Disclosure Zypper
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2013-6695 MEDIUM This Month

The RBAC implementation in Cisco Secure Access Control System (ACS) does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Secure Access Control System
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy